I’ve listened to people gripe for a long time now about how Cisco has been neglecting their Security Portfolio. I can’t totally disagree, but they have made some progress with ISE, ASA 1000V and the ASA CX. Still, look at how long it’s been since the IPS Sensor got a real refresh. Well, things could be changing now that they have announced plans to buy Sourcefire for a whopping 2.7 billion. If you don’t know who Sourcefire is, then head over to their Web site and check out the portfolio Cisco will be picking up.
Looking at the Sourcefire product line, you could maybe make some guesses. The IPS and firewall could possibly be parted out in updates to the existing IPS Series and ASA Series devices, and their Advanced Malware Protection could even be seen in the Web and Email Security Appliances. On the open source front they have Snort, which is what their NGIPS is based on. Cisco might have some plans for its use; however, I would think it unlikely that Cisco will continue to support the open-source products.
Still, even with a purchase like this, some may feel it’s too little too late for Cisco. Palo Alto has had a product that people rave about, and not until the ASA CX did I see Cisco have something to compare. Features that you expect to be there in ASA code just aren’t there. Take CoA for example. It’s been said to be “On The Roadmap” for quite some time and it’s rumored to be coming in ASA 9.2, but it’s still not there. Until recently, Firewall Clustering was nonexistent, but now that it’s available it’s only supported on the high-end ASAs.
I’ve always been a fanboy of the Cisco Security line and I hope they start showing some real attention in the space. 2.7 billion sounds like an investment that should get some attention and likely good things will come of it. In the meantime we all just have to be content with the same old IPS, same old ASA, same old song and dance with Cisco. But what do I know? Cisco is typically very secretive about internal initiatives. While not as tight-lipped as Apple is, they still take efforts to hide what they are working on, like assigning cool code names to projects, as was the case with Positron, or what we now know to be the Cisco Identity Services Engine. Tomorrow they may drop a new announcement of some new IPS that revolutionizes the industry with line rate processing, 98% accuracy and the ability to weed whack and mow the lawn. Speaking of mowing the lawn, I better move on to my list of chores.